Overview

overview

10

Static

static

3

53b1c379f0...18.dll

windows7-x64

10

53b1c379f0...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    53b1c379f045426c1e90ae72a411a7b0_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240518-jqsk8sae4v

  • MD5

    53b1c379f045426c1e90ae72a411a7b0

  • SHA1

    0e69bbd360d8b77280411d828eba74935bf9a76f

  • SHA256

    96980e2650d9389d0f72f8271eb54a26d86c599789ee0d3fc4bfb826b0eda2fa

  • SHA512

    b059ff053a6a83e95c589b6e13aee88082a7202b882d91bd0d185ed9b8d6a56431d9efeb5c9914a3fb3f8dc7e64b8c3111e2993c6b04db9d7c8be0f9e0268235

  • SSDEEP

    49152:znwQqMSPbcBVQej/1YNRNSxCDQatcqPc2r+6h40WpVgbgm5xz2Il23ZzgttoIvuv:TTqPoBhz1KRVY9gqBQcQQ

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      53b1c379f045426c1e90ae72a411a7b0_JaffaCakes118

    • Size

      5.0MB

    • MD5

      53b1c379f045426c1e90ae72a411a7b0

    • SHA1

      0e69bbd360d8b77280411d828eba74935bf9a76f

    • SHA256

      96980e2650d9389d0f72f8271eb54a26d86c599789ee0d3fc4bfb826b0eda2fa

    • SHA512

      b059ff053a6a83e95c589b6e13aee88082a7202b882d91bd0d185ed9b8d6a56431d9efeb5c9914a3fb3f8dc7e64b8c3111e2993c6b04db9d7c8be0f9e0268235

    • SSDEEP

      49152:znwQqMSPbcBVQej/1YNRNSxCDQatcqPc2r+6h40WpVgbgm5xz2Il23ZzgttoIvuv:TTqPoBhz1KRVY9gqBQcQQ

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3207) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks